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Abstract. Symbolic models have been recently used as a sound mathematical formalism for the formal 
verification and control design of purely continuous and hybrid systems. In this paper we propose a sequence of 
symbolic models that approximates a discrete-time Piecewise AfHne (PWA) system in the sense of approximate 
simulation and converges to the PWA system in the so-called simulation metric. Symbolic control design is 
then addressed with specifications expressed in terms of non-deterministic finite automata. A sequence of 
symbolic control strategies is derived which converges, in the sense of simulation metric, to the maximal 
^ controller solving the given specification on the PWA system. 

Ph 

,— I 1. Introduction 

X/^ Piecewise AfBne (PWA) systems have been extensively studied in the past and important research advances 

have been achieved, which comprise research topics on stabihty and stabilizabihty, observabihty, controUabihty, 
O identification, optimal control and reachability. In spite of a well established literature on PWA systems, it is 

known that reachability problems for PWA systems are undecidable |HKPV98j . This poses serious difRculties 
for the formal verification and control design of such systems and spurred some researchers to approach the 
^ analysis and control of PWA systems through approximating techniques and in particular, by resorting to 

symbolic models. A symbolic model of a continuous or hybrid system is a finite state automaton in which a 
symbolic state corresponds to an aggregate of continuous states and a symbolic control label to an aggregate of 
continuous control inputs. Symbolic models have been employed as an effective tool to address stabilizabihty 
problems, formal verification and control design of PWA systems. Symbolic models for continuous-time PWA 
systems and multi-afhne control systems have been studied in [HCS06j and BH06|, respect ively. Discrete- 
^ time PWA systems have been considered in MBLIO, MBL12, YBlQl ITYB+10HYTC+12] . The work in 

[MBLlOi IMBL12| explores the use of symbolic models for stabilizabihty problems while the work in |YB10| for 
solving formal verification problems; these papers consider PWA systems with no control inputs. The work 
in jTYB"*" lOl |YTC"'"12 instead, considers PWA systems with control inputs and uses symbolic models for 



solving control problems with temporal logic-types specifications. While being provably correct, the results in 
^ [YBlOi iTYB+lOl |YTC"'"12] do not quantify the conservativeness of the approach in the formal verification and 

control design of PWA systems. Quantifying conservativeness is important to evaluate how far the solutions 
based on symbolic models are from the corresponding solutions in the pure hybrid domain. In this paper 
we propose a framework based on the notion of approximate simulation |GP07| in which the accuracy of 
the approximation schemes is formally quantified and convergence properties are derived. We construct a 
sequence of symbolic models that approximate a PWA system in the sense of approximate simulation, so 
that the distance between the symbolic models and the PWA system can be quantified through the notion of 
simulation metric. These symbolic models can be effectively constructed by leveraging well-known results on 
polytopes' operations. The sequence is proven to converge in the simulation metric to the PWA system. A 
fixed point in the operator generating the sequence is shown to be equivalent to the PWA system, in the sense 
of bisimulation. Symbolic control design of PWA systems is then addressed where specifications are expressed 
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in terms of non-deterministic finite automata. We propose a sequence of symbolic control strategies that 
solve the symbolic control design problem with increasing accuracy. This sequence is explicitly derived from 
the sequence of symbolic models and can be effectively computed by using well-known results on polytopes' 
operations and graph theory. The sequence is proven to converge in the simulation metric to the maximal 
controller solving the given specification on the original PWA system. 

This paper is organized as follows. In Section [2] we introduce the notation and preliminary definitions and 
in Section [3] the class of PWA systems considered. In Section |4] we introduce a pseudo-metric on the space 
of polytopes and in Section [s] we recall the notions of system and approximate simulation. In Section [6] 
we propose a sequence of symbolic models that are employed in Section [7] to solve symbolic control design 
problems. Finally Section |8] offers some concluding remarks. 

2. Notation and Preliminary Definitions 

We denote by 2^ the set of subsets of a set X. We identify a binary relation 7?. C X x y with the map 
Tl.: X defined by y G 'R-{x) if and only if (x, y) € 7^. Given a relation 7^ C AT x F, the symbol Tlr^ 

denotes the inverse relation of 7?., i.e. TlT^ := G F x X : (x, y) € 7?.}. A graph is an ordered pair 

Q = (A/", S) comprising a set J\f of nodes together with a set f C A/" x A/" of edges. Given a graph Q = (A/", £), 
two nodes Ni,N2 G Af are called connected if G contains a path from Ni to A^2- A graph is said to be connected 
if every pair of nodes in the graph are connected. A connected component is a maximal connected subgraph 
of Q. The symbols Z, N, M, and M.q denote the set of integers, non-negative integers, reals, positive 
and non-negative reals, respectively. The symbol |j • || denotes the infinity norm. Given 11,^2 € N U {00} 
with ii < «2 we denote by [ii;i2] the set + l,...,i2}. The symbols cl(Ar), int(Ar) and conv(Ar) denote 

respectively, the topological closure, the set of interior points, and the convex hull of a set X C M". A 
polyhedron P C M" is a set obtained by the intersection of a finite number of (open or closed) half-spaces. A 
polytope is a bounded polyhedron. The collection of vertices of a polytope P is denoted by V(P); note that 
V(P) = V(cl(P)) ~ V(int(P)). For later use we recall the following notions. 

Definition 2.1. Given a set X, a function d : X x X ^ U {00} is a quasi-pseudo-metric for X if: 

(i) for any x X, d{x, x) = 0. 

(ii) for any x,y,z £ X, d{x, y) < d{x, z) + d(z, y). 
If condition (i) is replaced by: 

(i') d[x, y) — Q and only li x ^ y, 
then d is said to be a quasi-metric for X. If function d enjoys properties (i), (ii) and 

(iii) for any x,y £ X, d(x,y) = d{y,x), 

then d is said a pseudo-metric for X. If function d enjoys properties (i'), (ii) and (iii), it is said a metric 
for X. When function d is a (quasi) (pseudo) metric for X, the pair {X, d) is said a (quasi) (pseudo) metric 
space. 

Definition 2.2. |RSV82] Given a quasi-pseudo-metric space (X,d), a sequence {x^jigN over X is left (resp. 
right) d-convergent to x* £ X, denoted lim Xi = x* (resp. lim Xi = x*), if for any e £ there exists N £ N 

such that d{xi,x*) < e (resp. d(x*,Xi) < e) for any i > N. 

3. PlECEWISE AfFINE SYSTEMS 



In this paper we consider the class of discrete-time Piecewise Affine (PWA) systems described by the triplet: 
(3.1) S = (M",Z^,{I]i,I]2,...,Sjv}), 
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where M" is the set of states, U C M™ is the set of control inputs, and Ej is a constrained affine control system 
defined by: 

x^{t + f ) = AiX,{t) + B,u,{t) + /„ 
Xi{t) e Xi,Ui{t) £ U. 

We suppose that the sets Xi are polyhedral, with interior, and that their collection is a partition of M"; 
moreover we suppose that the set U is polyhedral. We denote by x(t,a;o,u) the state reached by S at time 
i G N starting from an initial state x^) S M" with control input u : N — Since is a partition 

of M" it is readily seen that the PWA system E is deterministic jLJS"'"03| . A PWA system S is said to be 
autonomous iiU = {0}. 

4. Pseudo-Metric Space of Polytopes 

Consider a polytopic subset X of M" and denote by V{X) the set of polytopic subsets of X . We recall that 
the diameter Diam(Ar) of a set AT C A" is defined by Diam(A) = sup^ ^^^^ ||a; — y\\. Consider the function 
dp : V{X) X V{X) ^ M+ U {oo} defined for any Ai, Aa e V{X) by dp(Ai, Aa) = Diam((Ai\A2) U (A2\Ai)). 

Theorem 4.1. [V{X),Ap) is a pseudo-metric space. 



Proof. Regarding property (i) in Definition |2.1[ one obtains dp(A, A) = Diam(0) = 0. Property (iii) is 
trivially satisfied. Regarding (ii), one first notes that Ai\A2 C (Ai\A3)U(A3\A2) for any Ai, A2, A3 e V{X). 
Hence, the following chain of inequalities holds: 

dp(Ai,A2) = Diam((Ai\A2)U(A2\Ai)) 

< Diam(((Ai\A3) U (A3\A2)) U ((A2\A3) U (A3\Ai))) 

< Diam((Ai\A3) U (X3\A2)) + Diam((A2\A3) U (A3\Ai)) 

= dp(Ai,A3)+dp(X3,A2). 

□ 

Functions Diam and dp can be easily computed from the vertices of the polytopes involved in their arguments, 
as the following results show. 

Proposition 4.2. Diam(P) — max^^ „2gv(P) ll^i ^ V2\\. 

Proposition 4.3. If Pi ^ P2 then dp(Pi,P2) niax„^^^2gv(Pi)uv(P2) 1^2 - t^ill- 

Proof Since V(Fi) U V(P2) Q cl((Pi\P2) U (P2\Pi)), then 

(4.1) dp(Pi,P2)> max 11^2 

«i,i'2ev(Pi)uv(P2) 



By Proposition 4.2 and since V(conv((Pi\P2) U (P2\Pi))) C V(Pi) U V(P2), one gets: 



dp(Pi, P2) = Diam((Pi\P2) U (P2\Pi)) - Diam(conv((Pi\P2) U (P2\Pi))) 

= max^,j^^,2gv(conv((Pi\P2)u(P2\Pi))) \\v2 - Will < max^j^„2eV(Pi)uv(P2) ll^^2 - "ill- 



By combining (4.1) and (4.2 1 the result follows. □ 



We conclude this section by introducing the notion of splitting policy. 

Definition 4.4. Consider a finite collection of polytopes P = {Pi, P2, P/v} C V{X). A splitting policy 
with contraction rate A e]0, 1[ for P is a map $a : P 2^^'^' enjoying the following properties: 

(i) the cardinality of $a(-Pi) is finite. 

(ii) ^\{Pi) is a partition of Pi. 

(iii) Diam(P/) < ADiam(Pj) for all P/ e ^x{P^). 
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Example 4.5. Consider a finite collection of polytopes P — \P\, P2, Pn} C V{X). Set p ~ minjg[i.^] Diani(Pi) 
and denote by C the collection of sets C(ii, i„) = [zi, ii + l[x... x [i„, i„ + 1[, indexed by ii, z„ G Z. Note 
that Diam(C(iii,...,i„)) = 1. Given A e]0, 1[ define the map <^>x{Pi) = {P/ e V{X)\3C{ii, ...,in) e C s.t. = 
P, n XpC{ii, in) 7^ 0}. We now show that is a splitting pohcy with contraction rate A. Since the sets Pi 



are bounded then property (i) in Definition 4.4 holds. Since C is a partition of K", then also property (ii) holds. 
Regarding property (iii), by definition of p one gets Diam(Pj^) < Diam(ApC(zi, i„)) = Xp < ADiam(Pi). 
Hence, $a is a splitting policy with contraction rate A for P. 

In the sequel we denote a splitting policy with contraction rate A by Split Given a finite collection of 
polytopes P = {Pi, P2, Pat} we abuse notation by writing Split ;^(|J^g[i.jv] Pi) = Ui6[i;Ar] Split ;^(P0. 

5. Symbolic Systems and Approximate Relations 

In this paper we use the notion of systems as a unified mathematical framework to describe PWA systems as 
well as their symbolic models. 

Definition 5.1. |Tab09] A system is a quintuple S = {X, U, >- , Y, H) consisting of a set of states X, a set 

of inputs U, a transition relation C X xU x X, a. set of outputs Y and an output function H : X Y. 

A transition (x, u, x') G ► of S is denoted by x — ^ x'. A state run of S with length T G N U {00} is 

a (possibly infinite) sequence of transitions xq — ^ xi — ^ ... ^ ► xt-i of S. An output run of S with 
length T G NU {00} is a (possibly infinite) sequence of output symbols yo, j/i, ... , yx-i such that for all yi and 

yi+i there exists Xi "'"'" >■ x^+i such that yi = H{xi) and yi+i = H{xi^i). System S is said to be symbolic, if 
X and U are finite sets; (pseudo) metric, if Y is equipped with a (pseudo) metric d; deterministic, if for all 

states x & X and all inputs u E U there exists at most one transition x ► x^ ; non-blocking, if for all states 

X G X there exists at least one transition x — ^ x' for some u ^ U; with no inputs, if f7 is a singleton. 

For a detailed description of the notion of system and of its properties we refer to |Tab09l . In this paper we 
use the notions of approximate simulation and bisimulation to relate properties of PWA systems and of their 
symbohc systems. 

Definition 5.2. |GP07j Let = {Xi,Ui, , Yi,H{) and 5*2 = (A2, U2, , F2, iJj) be (pseudo) metric 

systems with the same output sets Yi — Y2 and (pseudo) metric d and consider a precision e G . A relation 
TZ C Xi X X2 is an e-approximate simulation relation from Si to ^2 if the following conditions are satisfied: 

(i) for every {xi,X2) G 7?. we have d(i/i(a;i), iJ2(a;2)) < £• 

(ii) for every {xi,X2) G TZ existence of Xi " ^ ► x'l in 5*1 implies existence of X2 " x'2 in S2 satisfying 
(a;'i,4) G7^. 

System 5*1 is said to be e-approximately simulated by ^2 or S2 e~approximately simulates Si, denoted 

51 die S2, if 'R.{Xi) — X2- When e = 0, system Si is said to be exactly simulated from system 52, or 
equivalently, S2 exactly simulates Si. Relation TZ is an e-approximate bisimulation relation between and 

52 if: 

(iii) TZ is an e-approximate simulation relation from Si to S2- 

(iv) TZ^^ is an e-approximate simulation relation from ^2 to Si. 

Systems Si and ^2 are e-approximately bisimilar, denoted Si =^ S2, if TZ{Xi) — X2 and TZ~^{X2) = Xi. 
When e = 0, systems 5i and ^2 are said to be (exactly) bisimilar. 

In the sequel we will work with the set 5(P(A'),dp) of pseudo-metric systems with output pseudo-metric 
space (P(A'),dp). The notions of approximate simulation and bisimulation relations induce certain metrics 
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on S{V{X),dp). For later purposes, we recall hereafter the simulation metric. The simulation metric from a 
system 5*1 to a system 5*2 is defined as the tightest precision e for which 5*1 is e-approximately simulated by 
82- More formally: 

Definition 5.3. |GP07| Consider two pseudo-metric systems 51,52 G S{'P{X),dp). The simulation metric 
from Si to ^2 is defined by ds(5i, ^2) = inf{£ G |5i 52}. 

Theorem 5.4. |GP07| The pair {S {V {X) , dp) , 6.^) is a quasi-pseudo-metric spac^ 

6. Sequences of Symbolic Models 

In this paper we are interested in the evolution of PWA systems within bounded subsets of the state space 
M". This choice is motivated by the fact that in many applications, physical variables such as velocities, 
temperatures, pressures, voltages, take value within bounded sets. The expressive power of the notion of 
systems as in Definition |5.1| is general enough to appropriately describe the evolution of PWA systems, as 
formally shown hereafter. 

Definition 6.1. Given the PWA system S and the polytopic subset X of R" define the pseudo-metric system 
§(S) (X,U, ,Y,H) where: 

• X = X. 

• V=U. 

• X >- x', ii X E Xi and x' = AiX + BiU + fi where Xi — XiC\ X . 

• Y = 'P{X), equipped with the pseudo-metric dp. 

• H(x) = {x}. 

System §(S) preserves important properties of the PWA system E when its state space M" is restricted to X, as 
for example reachability, determinism and metric properties. (Note that dp{{x},{y}) — \\x — y\\ from which, 
metric properties of S are naturally transferred to S(I]) and vice versa.) Although system S(E) correctly 
describes the PWA system E within the compact set X, it is not symbolic because X and U are not finite sets. 
For this reason in the sequel we introduce a sequence Aa/(E) of symbolic models that approximate the PWA 
system E. We introduce this sequence recursively, as follows: 

r Ai(E) = 17(S(E)), 
^ ' \ Am+i(E) = vI/(Am(E)), 

where functions n : S{V{X),dp) S{V{X),dp) and * : S{V{X),dp) S{V{X),dp) are formally specified 
through the following Definitions |6.2| and |6.3[ respectively. 

Definition 6.2. Given the system S(E) define the system Ai(E) = (Xi,Ui, — ^-^ , Yi,Hi) where: 

• Xi = Split ({ A"!, A2, Ajv})- A state in Xi is denoted by Xf. 

• Xl — Xl , if the following conditions hold, where index i is such that Xf C Xf. 

o there exist x E Xf and u ElA such that AiX + BiU + fi £ X[ . 
o V^' = {ueU\3x E X'i s.t. A,x + B,u + /, E x(}. 

• Ui is the collection of all sets E_U for which X^ — ^-^ Xl . 

• Yi = V{X), equipped with the pseudo-metric dp. 

• Hi is defined as follows: 

./ ■ v^' ■' 

o Hi(Xf) — 0, if the pairwise intersection of distinct sets E Ui for which Xl — ^ Xl , is the 

empty set. 

"'^In |GP07I quasi— pseudo-metric spaces are termed directed pseudo— metric spaces. 
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o Mi{Xl) = X(, otherwise. 

Definition 6.3. Given the system Am(S) define the system Am+i(S) = {Xm+i,Vm+i, j;^:^ i Ya/_|_i,EIm+i) 
where: 

• Xm+1 = ckM+i U Pm+i U jm+1 where: 

o aM+i = {Xii e Xm\Mm{XI,i) = 0}. 

o Pm+i = Ux^ x^'px., Spht;^(ZAf (j,/)) where: 

ZmUJ') = [x£ HM(^if)|3u e U s.t. + + /, G X^^} , 
and index i is such that C A^. 

A state in X7\/+i is denoted by X^^^^. 



• X 



^ Xj^jj^-^^, if the following conditions hold, where index i is such that Xj^j^-^ C X^: 



M+l M+ 

V^' = {u e U\3x e Xlj^^ s.t. A,x + B,u + /, e X^^+J 



o there exist x G X\jj^-^ and u (zU such that ^^a; + BiU + G 



• Um+1 is the collection of all sets CU for which -'^Xz+i ^ii+i- 

• Yjv/+i = equipped with the pseudo-metric dp. 

• Hm+i is defined as follows: 

o IHIm+i(-'^m+i) = the pairwise intersection of distinct sets G Um+i for which X^^^-^ jjj*^ -'^m+i, 

is the empty set. 
o IHIm+i(^m+i) = -'^M+i, otherwise. 

Since by definition of splitting policies, the sets in Split^j^dA*!, A2, Xn\) and Pm+i are finite, system Aa/ (S) 
is symbolic. Note that by definition of 7Af , the collection of sets in Xj\/ is a covering of X. Moreover \m 
becomes a partition of X when the PWA system S is autonomous. Symbolic system Km+i{'^) can be viewed 
as a refinement of Aa,/(S) |CGP99) . It is readily seen that the effective construction of Am(S) relies upon 
basic operations on polytopes. 

A common issue when constructing symbolic systems of PWA systems, is the presence of the so-called spurious 
transitions^ that are transitions in the symbolic systems which cannot be matched by any state evolution in 

the PWA systems. Whenever a pair of transitions A"|^ ► X-'j^j and X\,j ► A"|| exists in Aa/(E) such 

that V^^ n V^'^ 7^ and 7^ then, those transitions are said spurious (and state ATj^ is said to produce 
spurious transitions) because they cannot be mimicked by any state evolution of the (deterministic) PWA 
system S. The output function Hm of the symbolic system Am(S) distinguishes states that produce 
spurious transitions, for which ElM(-'^Af) 7^ 0, from states Xj^j that do not, for which Mm{X-'j^) — 0. From 
the above discussion, one would argue that when there are no spurious transitions in the symbolic system, such 
a symbolic system correctly describes the original PWA system E. The following result makes this statement 
formal. 

Theorem 6.4. Systems andAMC^) are bisimilar if 

(6.2) HAf(X^) = 0, yxij G Xm. 

Proof. Define the re latio n 7?, C X x XAf such that (x,Ar|j) G 72. if and only if x G ^Af- Consider any 
{x,Xl,j) G n. From one gets: 

(6.3) dp{m{x),MM{Xii)) = dp{{x},0) = Diam({a;}) = 0, 
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from which, condition (i) in Definition 5.2 holds. We now show that also condition (ii) in Definition 5.2 
is satisfied. Consider any transition x — x' in S(S). Since Xjv/ is a covering of X there exists a state 
g Xm such that x' G or equivalently, e TZ. By definition of K^i'i^) there exists a transition 



j^j ' -^M ^m{^), for some G Vm with u ^ . Hence, condition (ii) in Definition 



5.2 



holds 



and TZ is an exact simulation relation from §(S) to Am(S). Since any state Xj^,j e 'Km is non-empty then 
TZ(lCj = Xjvf, which implies that condition (iii) is satisfied with e = 0. We now show that condition (iv) 
holds with e = 0. Consider a ny {X lj,x) e TZ^^. Since dp is a pseu do-m etric then dp(IHlA/(X^^), IHI(x))) = 

Regarding condition (ii), consider 

x' in S(I]). 



5.2 



dp{M{x),IlMiXlj)) which by (6.3 1 implies condition (i) in Definition 

\Af (S). Pick any u £ and consider the transition x 



any transition Xj^.j 



M 



m 



Since §(E) 



that {x',Xi,] 



m(S) with simulation relation TZ, there exists a transition Xj^ 
" x') e TZ-^. Since u e V^' and 



G 7?., or equivalently {Xj^j , 



M M 




and Xli 



in Am(S) such 
then V^" = V^' 



Hence, condition (ii) in Definition 5.2 is true from which, condition (vi) holds with e = 0. 



Therefore, TZ is an exact bisimulation relation between S(S) and Am(S). Finally, since Xm is a covering of 
X then TZ~^{'Km) = X, which concludes the proof. □ 



Whenever a state Xj^j G Xjv/ not producing spurious transitions is found from algorithm (6.1 1, it is no further 
splitted in the higher order symbolic systems. This fact implies that the union of those sets, i.e. 

(6-4) U Xi„ 

xij<£{X€XMmM(x)=0} 

is non-decreasing (in the sense of the partial ordeij^ induced by C on T'{X)) with respect to the order M of 
the symbolic system. If a step M in the algorithm in (6.1) exists for which the set in (6.4) covers the whole 
set X, the symbolic system Ajv/(S) becomes an exact bisimulation of the PWA system. 

Corollary 6.5. //Am+i(S) = Ajv/(S) then Am C^) anc? §(S) are exactly bisimilar. 



Proof. If Am+i(S) 



(S) then 



which implies by Definition 



X-^j G Xm- Hence, the result follows as a direct application of Theorem 



6.4 



6.3 



that 



for all 

□ 



If conditions in the above result are satisfied we say that the algorithm in (6.1 ) converges in a finite number of 
steps. In general, the algorithm in (6.1 ) is not guaranteed to converge in a finite number of steps. This happens 
whenever there are states in the symbolic system which produce spurious transitions. We now introduce a 
measure of these states in the symbolic system Am(S). Define Gran(AM(5])) = max^j ^^^^ Diam(Hj\/(X^^)) 
and 



(6.5) 



Gran(S(S)) = max Diam(A'i). 

ielUN] 



Note that since sets Xi are bounded then Gran(AM(S)) and Gran(§(S)) cannot be infinite. Function Gran 
provides a measure of the "granularity" of the symbolic system (i.e. how finer is the covering of the set X), in 
the regard of (the only) states producing spurious transitions. The following result provides an upper bound 
to the distance between the PWA system E and the proposed symbolic systems. 

Theorem 6.6. 4(8(1]), Am(S)) < Gran(AAf(S)). 

Proof. Define the relation TZ C X x such that {x,Xlj) E TZ ii and only if x G Xl,j. Consider any 
{x,Xi,) G TZ. If HM(^lf) = then dp(H(x), HM(Xi,)) - dp{{x},0) = < Gran(AM(E)). If Hm(X|,) ^ 



A partial order ~< over a set X is a binary relation ~< C- X X X that is reflexive (x ~< x), antisymmetric (x ~< y and y ^ x 
imply X = y) and transitive {x ^ y and y ^ z imply x ^ z). 
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then, by definition of Gran(AM(S)) one gets dp(IHI(2:), Hm(^m)) = Diam{MM{XU) < Gran(AA/(S)). Hence, 



condition (i) in Definition 5.2 is satisfied. Conditions (ii) and 7?.(X) = can be proven along the lines of 



the first part of the proof of Theorem 6.4 from which, S(I]) Am(S) with s = Gran(AM(S)). Finally, the 



result follows from the definition of the quasi-pseudo-metric dg. □ 

The above result is important because it quantifies the accuracy of the proposed symbolic systems. The rest 
of this section is devoted to study the convergence of the symbolic system Am(S) to S(I]). We start by 
presenting the following technical result. 

Lemma 6.7. Gran(AAf+i(i;)) < AGran(AM(S)) and Gran(Ai(i;)) < AGran(§(i;)). 



Proof. By Definition 6.3 for all states ^^z+i there exist a state X-^f e Xm with IEIIm(-'^m) ^ 

such that Xi^^^ C Split_s^(Z), for some set Z C X-j^^. By the above condition and the definition of the 

splitting pohcy Spht^j^, the inequality Diam(IHlM+i(-'^M+i)) < ADiam(Z) < ADiam(IHlM(-'^M)) holds. Hence, 
by applying the maximum operator to both sides of the above inequality, one gets: 

Gran(AM+i(S)) = max^.^^^g^M+i Oi^™(I^A^+i(^M+i)) 

< Amaxy,. ^ Diam(HM(^M)) = AGran(AA/(E)), 

which concludes the first part of the proof. The second part of the proof can be shown by using similar 
arguments. □ 

We now have all the ingredients to present one of the main results of this paper. 

Theorem 6.8. The sequence of symbolic systems {AM(S)}MeN is left dg-convergent to the system §(S), i.e. 
=lim Am(S). 

Proof. Pick any e G IR+ and choose G N such that: 

(6.6) A^^=Gran(S(S)) < e. 

By combining Theorem |6.6| and Lemma |6.7| for all M > AI^ , we obtain: 

ds(S(S),Aji/(S)) < Gran(AA/(S)) < AGran(AM_i(S)) < ... < A*^Gran(§(I])) < A*^'Gran(§(S)) 
which, combined with ( |6.6[ ), concludes the proof. □ 

7. Symbolic Control Design 

In this section we address symbolic control design of PWA systems where specifications are expressed in terms 
of non-deterministic finite automata. We start by introducing the class of control strategies considered in this 
paper. A control strategy is specified by a partition X = {Xjjig/ of X and a function: 

(7.1) A::X^2". 

Note that we are not supposing that X is either finite or countable. When X is a finite set, the control strategy 
is said symbolic. Function IC associates to an aggregate of states X^ G X an aggregate of inputs /C(Xi) C U 
representing the collection of admissible inputs. This class of control strategies is general enough to enforce 
automata theory-types specifications, as shown in the sequel. Given a control strategy IC, we denote by E'^ 



the closed-loop PWA system E, i.e. the system E in (3.1) where u — k{x) G /C(Xi) if x G X,. With abuse 



of notation, we denote by x{t,xo,K) the state reached by E at time t starting from an initial state xq & X 
with feedback control law k{x) G /C(Xi), x G X^; moreover we write k G /C when k{x) G /C(Xi) for all x G X^ 
and K, Q JC when lC{{x}) C K,'{{x}) for all x £ X. We can now formally state the control design problem 



SYMBOLIC MODELS AND CONTROL OF DISCRETE-TIME PIECEWISE AFFINE SYSTEMS 



9 



considered in this paper. Consider a specification described by the following pseudo-metric symbolic system 
with no inputs: 

(7.2) Q = (X^U„ ^ ,Y,,H,), 

where: 

• X'' ~ {X^ , X2 I ■ ■ • 5 '^Ni } is a finite collection of polytopic subsets of X with empty pairwise intersection. 
Set A"^ = Ue[l;^.]'^^ 

• U, = {0}. 

• ► CXI xW X X9. 

• Yq = 2"^, equipped with the pseudo-metric dp. 

We suppose that Q is non-blocking and that the collection X'^' of sets A"' is contained in the partition {A'i}ig[i.jv] 
of X. The last assumption can be given without loss of generality by appropriately duplicating the dynamics 
of the PWA system S. For easy of notation we denote in the sequel a transition X^^ — ^ X^^ by X^_^ X^^ . 



Definition 7.1. A control strategy /C : X — >■ 2^^ is said to enforce the specification Q in (7.2 1 on the PWA 

system S if for all initial states xq e of E for which /C(Xi) ^ and for all k E K, there exists a (possibly 
infinite) state run A"? >- X^^ ... X^^ of Q with length T e N U {00} such that x{t, xo,k) E X,^^ 

and x{t + 1,2:0, k) E X^^^ for all t E [Q;T - 1]. 



Denote by K(I], Q) the collection of all control strategies enforcing the specification Q on S. 

Definition 7.2. The maximal control strategy enforcing the specification Q on the PWA system S, is a control 
strategy K.* E K(S, Q) such that IC{{x}) C IC*{{x}) for all /C E K(E, Q) and all x EX. 

Proposition 7.3. IC*{{x}) = [jKeK{s,Q) l^ii^})- 

From the above result the control strategy JC* exists and is unique. Note that /C* is not symbolic in general. 
Moreover, the explicit expression of /C* cannot be easily derived. For this reason in the sequel we propose a 
sequence of control strategies )Cm, approximating /C*, that can be effectively computed on the basis of the 
symbolic systems Ajv/(S). 



Definition 7.4. Consider the symbolic system Aa/ (S) in Definition 6.3 and for all X^j E Xm define the graph 
g{Xi,) = {N;£) where: 

• A/" is the collection of sets E Uj\/ such that X\j — ^a/- 

• 5 is the collection of aU pairs (V^.V^') E Af x JV such that n ^ 0. 

For all connected component Gi{Xj^,j) of g{X-'j^,j) define the following sets: 

• Ui(Xj^) is the union of nodes of Gi(X|,j). 



• Xi(X^^) is the union of sets Xj^j for which Xj^,j X-j^j and is a node of Gi(X|^). 



Define the control strategy ICm ■ '^m ^ such that: 
. for aU Xij % A"?, ICm{XIi) = 0; 

• for all xIj C XI, ICm{XIj) = U»Ui(X^) s.t. X,(XjJ C Postq{Xlf), where Post,(Xi^) is the union 
of sets X^, E X? such that C XJ e and A"/ A"/,. 
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Figure 1. Sets and graphs in Example 7.5 



From the above definition it is easy to see that JCm is symbohc. The following example illustrates the 
construction of control strategies JCm- 

Example 7.5. Given a PWA system S and Am(S), consider a set e \m and all outgoing transitions 



XIj d' e [1;4]) in Aa/(I;). Sets V^' are depicted in Figure 



(left panel) and sets Xj^J 



-yq yq yq\ yq 



X2 and 



Figure jlj (right panel). Consider a specification Q as in (7.2), where X'' — 

Xl — X!^. Sets X^ are depicted in Figure jlj (right panel). The graph G{Xl,j) = (JV,£), depicted in 

Figure [1] (central panel), is composed of the two connected components Gi(X^^) — {{V^ ,V^}, {{V^ ,V^)}) 
and G2{Xli) = {{V^,V'^},{(y'^,V'^)}). The resulting sets U,(X^,^) and X,(X|,^) are given by: 



v,{xi,)^v'uv\ Xi(Xl,) = Xi,UX|„ V2{Xi,) = V^UV\ X2{Xij)^Xl,UX_ 



The set Post,(X^) is given by X^ U X^. Since Xi(X|^) C Post,(X],^) and X2(X^^) ^ Postg{Xlj), then 
^AiiXli) = Ui{Xlj). 

It is readily seen that the computation of the symbolic control strategy JCm relies upon basic operations 
on polytopes and well-known algorithms in graph theory. The symbolic control strategies in Definition |7.4| 
guarantee that the closed-loop PWA system E'^*/ satisfies the specification Q, as formally stated in the 
following result. 

Theorem 7.6. ICm E K(I],g). 

Proof. We prove the statement by induction. Consider any x € X'^ for which )Cm{{x}) 7^ and consider 
any u G ICmUx})- Let X^^j S Xjvf be such that x € X-jyj. Since u G ICmUx}) there exists a connected 
component Gi(Xjf) of C/(X^^) such that u G Ui(X|,^) and x(x, 1,m) £ Xi(X;^). Since 'Xi{Xlj) C Postg(X|^) 
the specification Q is satisfied. □ 



When a fixed point is found at step M of the algorithm in (6.1), the corresponding symbolic control strategy 
K-M coincides with the maximal control strategy JC* . 

Corollary 7.7. //Am+i(S) = Am{^) then JC* = ICm. 

The proof of the above result is a straightforward consequence of the definitions of ICm and JC* and of 
Corollary |6.5| and is therefore omitted. If a fixed point is not found in a finite number of steps, the sequence 
ICm converges to IC* as discussed hereafter. We firstly provide a representation of (symbolic) control strategies 
in terms of (symbolic) systems. This step allows us to evaluate the distance between control strategies through 
the simulation metric. 

Definition 7.8. Given the control strategy IC* define the pseudo-metric system S(/C*) = (X,U, , Y,E1I), 

where entities X, U, Y and IH are defined in Definition joj and x >- x'^ if and only if x — ^ x^ in §(S) 
and u £ K*{{x}). 
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Definition 7.9. Given the symbolic control strategy /Cm define the pseudo-metric sym bolic system §(/C 



(Xm, Vm, — — ► , Ym, Hm), where entities Xm, Um, "^m and Mm are defined in Definition 

Km 



6.3 



M) — 

^'^'^ ^ ^ii 



if and only if X^, — ► Xi, in AAf(S) and C K.M{Xij). 



We can now give the following result that quantifies the distance between /Cm and /C*. 
Theorem 7.10. ds(§(/CM), S(/C*)) < Gran(AM(S)). 

Proof. Define the relation TZ C Xj\/ x X such that [X-'j^j, x) E TZ ii and only if a; G X^^. Consider any {Xl,j,x) G 
n. By definition of Gran(AM(S)) one gets dp(HM(X{f), H(a;)) = Diam(HM(X^,/)) < Gran(AM(S)) from 



which, condition (i) in Definition 5.2 holds. We now show that also condition (ii) in Definition 5.2 is satisfied 



yj -I ■ ■ 

Consider any transition Xl, >- Xl, in §(/Ca/). By definition of /C*, K,m{XIA C K,*{Xij). Hence, for all 

Km 

u G K,M{X^'l^^), X x'^ . In particular, by definition of JCm there exists u e /Cm(^m) ^ ^*(^m) such that 

is satisfied. S ince Xm is a 



K' 



X ' 



^ in S(/C*) and x'^ G from which, condition (ii) in Definition 



5.2 



partition of X then condition (iii) in Definition 5.2 holds. Finally, the result follows from the definition of the 



quasi-pseudo-metric dg. □ 
We are now ready to present the second main result of this paper. 

Theorem 7.11. The sequence of symbolic controllers {§(/CM)}MeN is right As-convergent to §(/C*), i.e. 
lim§(/CM) =§(/C*). 

The proof of the above result can be obtained by combining Lemma |6.7| and Theorem |7.10[ along the lines of 
the proof of Theorem |6.8[ and is therefore omitted. 

8. Conclusion 

In this paper we proposed a sequence of symbolic models that converges to a PWA system in the simulation 
metric. A sequence of symbolic control strategies is then derived which converges in the simulation metric 
to the maximal controller enforcing finite automata-types specifications on the PWA system. An application 
of the proposed results to practical case studies requi res subseq uent developments of efficient computational 
tools. Useful insights in this direction are reported in [YTC+12llPBD12] . We plan to investigate this issue in 
future work. 
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